b39ca7eccb
fix(slack): remove double mrkdwn conversion in native streaming path
...
Remove redundant text normalization from Slack native streaming markdown_text flow so Markdown formatting is preserved.
Synthesis context: overlaps reviewed from #34931 , #34759 , #34716 , #34682 , #34814 .
Co-authored-by: littleben <1573829+littleben@users.noreply.github.com>
Co-authored-by: dunamismax <dunamismax@tutamail.com>
Co-authored-by: Octane <wdznb1@gmail.com>
Co-authored-by: Mitsuyuki Osabe <24588751+carrotRakko@users.noreply.github.com>
Co-authored-by: Kai <me@kaiyi.cool>
Co-authored-by: OpenClaw Agent <agent@openclaw.ai>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 20:34:43 -06:00
1ab9393212
fix(secrets): harden api key normalization for ByteString headers
2026-03-05 18:31:45 -08:00
7a22b3fa0b
feat(agents): flush reply pipeline before compaction wait ( #35489 )
...
Merged via squash.
Prepared head SHA: 7dbbcc510b
2026-03-05 18:22:19 -08:00
6084c26d00
fix(tui): render final event error when assistant output is empty ( #14687 )
2026-03-05 18:16:43 -08:00
94fdee2eac
fix(memory-flush): ban timestamped variant files in default flush prompt ( #34951 )
...
Merged via squash.
Prepared head SHA: efadda4988
2026-03-05 18:15:13 -08:00
8088218f46
fix(openai-codex): request required oauth api scopes ( #24720 )
2026-03-05 18:10:03 -08:00
fb289b7a79
Memory: handle SecretRef keys in doctor embeddings ( #36835 )
...
Merged via squash.
Prepared head SHA: c1a3d0caae
2026-03-05 20:05:59 -06:00
cec5535096
fix(tui): prevent stale model indicator after /model
2026-03-05 17:39:19 -08:00
d326861eb4
fix(gateway): preserve streamed prefixes across tool boundaries
2026-03-05 17:28:22 -08:00
d58dafae88
feat(telegram/acp): Topic Binding, Pin Binding Message, Fix Spawn Param Parsing ( #36683 )
...
* fix(acp): normalize unicode flags and Telegram topic binding
* feat(telegram/acp): restore topic-bound ACP and session bindings
* fix(acpx): clarify permission-denied guidance
* feat(telegram/acp): pin spawn bind notice in topics
* docs(telegram): document ACP topic thread binding behavior
* refactor(reply): share Telegram conversation-id resolver
* fix(telegram/acp): preserve bound session routing semantics
* fix(telegram): respect binding persistence and expiry reporting
* refactor(telegram): simplify binding lifecycle persistence
* fix(telegram): bind acp spawns in direct messages
* fix: document telegram ACP topic binding changelog (#36683 ) (thanks @huntharo)
---------
Co-authored-by: Onur <2453968+osolmaz@users.noreply.github.com>
2026-03-06 02:17:50 +01:00
92b4892127
fix(auth): harden openai-codex oauth login path
2026-03-05 17:16:34 -08:00
3cd4978a09
fix(llm-task): load runEmbeddedPiAgent from dist/extensionAPI in installs
2026-03-05 17:16:14 -08:00
d86a12eb62
fix(gateway): honor insecure ws override for remote hostnames
2026-03-05 17:04:26 -08:00
c260e207b2
fix(routing): avoid full binding rescans in resolveAgentRoute ( #36915 )
2026-03-05 16:49:29 -08:00
1a67cf57e3
Diffs: restore system prompt guidance ( #36904 )
...
Merged via squash.
Prepared head SHA: 1b3be3c879
2026-03-05 19:46:39 -05:00
06a229f98f
fix(browser): close tracked tabs on session cleanup ( #36666 )
2026-03-05 16:40:52 -08:00
6dfd39c32f
Harden Telegram poll gating and schema consistency ( #36547 )
...
Merged via squash.
Prepared head SHA: f77824419e
2026-03-05 19:24:43 -05:00
f771ba8de9
fix(memory): avoid destructive qmd collection rebinds
2026-03-05 16:04:22 -08:00
688b72e158
plugins: enforce prompt hook policy with runtime validation ( #36567 )
...
Merged via squash.
Prepared head SHA: 6b9d883b6a
2026-03-05 18:15:54 -05:00
063e493d3d
fix: decouple Discord inbound worker timeout from listener timeout ( #36602 ) (thanks @dutifulbob) ( #36602 )
...
Co-authored-by: Onur Solmaz <2453968+osolmaz@users.noreply.github.com>
2026-03-06 00:09:14 +01:00
97ea9df57f
README: add algal to contributors list ( #2046 )
2026-03-05 17:07:03 -06:00
b9a20dc97f
fix(slack): preserve dedupe while recovering dropped app_mention ( #34937 )
...
This PR fixes Slack mention loss without reintroducing duplicate dispatches.
- Preserve seen-message dedupe at ingress to prevent duplicate processing.
- Allow a one-time app_mention retry only when the paired message event was previously dropped before dispatch.
- Add targeted race tests for both recovery and duplicate-prevention paths.
Co-authored-by: littleben <1573829+littleben@users.noreply.github.com>
Co-authored-by: OpenClaw Agent <agent@openclaw.ai>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 17:00:05 -06:00
7830366f3c
fix(slack): propagate mediaLocalRoots through Slack send path
...
Restore Slack local file upload parity with CVE-era local media allowlist enforcement by threading `mediaLocalRoots` through the Slack send call chain.
- pass `ctx.mediaLocalRoots` from Slack channel action adapter into `handleSlackAction`
- add and forward `mediaLocalRoots` in Slack action context/send path
- pass `mediaLocalRoots` into `sendMessageSlack` for upload allowlist enforcement
- add changelog entry with attribution for this behavior fix
Co-authored-by: 2233admin <1497479966@qq.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 16:52:49 -06:00
a0b731e2ce
fix(config): prevent RangeError in merged schema cache key generation
...
Fix merged schema cache key generation for high-cardinality plugin/channel metadata by hashing incrementally instead of serializing one large aggregate string.
Includes changelog entry for the user-visible regression fix.
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Co-authored-by: Bill <gsamzn@gmail.com>
2026-03-05 16:45:07 -06:00
60d33637d9
fix(auth): grant senderIsOwner for internal channels with operator.admin scope (openclaw#35704)
...
Verified:
- pnpm install --frozen-lockfile
- pnpm build
- pnpm check
- pnpm test:macmini
Co-authored-by: Naylenv <45486779+Naylenv@users.noreply.github.com>
Co-authored-by: Octane0411 <88922959+Octane0411@users.noreply.github.com>
Co-authored-by: Sid-Qin <201593046+Sid-Qin@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 16:32:42 -06:00
aad372e15f
feat: append UTC time alongside local time in shared Current time lines ( #32423 )
...
Merged via squash.
Prepared head SHA: 9e8ec13933
2026-03-06 01:26:34 +03:00
49acb07f9f
fix(agents): classify insufficient_quota 400s as billing ( #36783 )
2026-03-06 01:17:48 +03:00
0c08e3f55f
UI: hoist lifecycle connect test mocks ( #36788 )
2026-03-05 17:15:31 -05:00
999b7e4edf
fix(ui): bump dompurify to 3.3.2 ( #36781 )
...
* UI: bump dompurify to 3.3.2
* Deps: refresh dompurify lockfile
2026-03-05 17:08:42 -05:00
98aecab7bd
Docs: cover heartbeat, cron, and plugin route updates
2026-03-05 17:05:21 -05:00
2b45eb0e52
Docs: document Control UI locale support
2026-03-05 16:57:59 -05:00
6b2c115167
Docs: clarify OpenAI-compatible TTS endpoints
2026-03-05 16:57:51 -05:00
1d3962a000
Docs: update gateway config reference for Slack and TTS
2026-03-05 16:57:40 -05:00
837b7b4b94
Docs: add Slack typing reaction fallback
2026-03-05 16:57:31 -05:00
6859619e98
test(agents): add provider-backed failover regressions ( #36735 )
...
* test(agents): add provider-backed failover fixtures
* test(agents): cover more provider error docs
* test(agents): tighten provider doc fixtures
2026-03-06 00:42:59 +03:00
036c329716
Compaction/Safeguard: add summary quality audit retries ( #25556 )
...
Merged via squash.
Prepared head SHA: be473efd16
2026-03-05 13:39:25 -08:00
029c473727
fix(failover): narrow service-unavailable to require overload indicator ( #32828 ) ( #36646 )
...
Merged via squash.
Prepared head SHA: 46fb430612
2026-03-06 00:01:57 +03:00
f014e255df
refactor(agents): share failover HTTP status classification ( #36615 )
...
* fix(agents): classify transient failover statuses consistently
* fix(agents): preserve legacy failover status mapping
2026-03-05 23:50:36 +03:00
8ac7ce73b3
fix: avoid false global rate-limit classification from generic cooldown text ( #32972 )
...
Merged via squash.
Prepared head SHA: 813c16f5af
2026-03-05 22:58:21 +03:00
591264ef52
fix(agents): set preserveSignatures to isAnthropic in resolveTranscriptPolicy ( #32813 )
...
Merged via squash.
Prepared head SHA: f522d21ca5
2026-03-05 11:55:06 -08:00
709dc671e4
fix(session): archive old transcript on daily/scheduled reset to prevent orphaned files ( #35493 )
...
Merged via squash.
Prepared head SHA: 0d95549d75
2026-03-05 11:52:23 -08:00
edc386e9a5
fix(ui): catch marked.js parse errors to prevent Control UI crash ( #36445 )
...
- Prevent Control UI session render crashes when `marked.parse()` encounters pathological recursive markdown by safely falling back to escaped `<pre>` output.
- Tighten markdown fallback regression coverage and keep changelog attribution in sync for this crash-hardening path.
Co-authored-by: Bin Deng <dengbin@romangic.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 13:46:49 -06:00
6c0376145f
fix(agents): skip compaction API call when session has no real messages ( #36451 )
...
Merged via squash.
Prepared head SHA: 52dd631789
2026-03-05 11:40:25 -08:00
60a6d11116
fix(embedded): classify model_context_window_exceeded as context overflow, trigger compaction ( #35934 )
...
Merged via squash.
Prepared head SHA: 20fa77289c
2026-03-05 11:30:24 -08:00
72cf9253fc
Gateway: add SecretRef support for gateway.auth.token with auth-mode guardrails ( #35094 )
2026-03-05 12:53:56 -06:00
bc66a8fa81
fix(feishu): avoid media regressions from global HTTP timeout ( #36500 )
...
* fix(feishu): avoid media regressions from global http timeout
* fix(feishu): source HTTP timeout from config
* fix(feishu): apply media timeout override to image uploads
* fix(feishu): invalidate cached client when timeout changes
* fix(feishu): clamp timeout values and cover image download
2026-03-05 12:13:40 -06:00
09c68f8f0e
add prependSystemContext and appendSystemContext to before_prompt_build ( fixes #35131 ) ( #35177 )
...
Merged via squash.
Prepared head SHA: d9a2869ad6
2026-03-05 13:06:59 -05:00
174eeea76c
Feishu: normalize group slash command probing
...
- Feishu/group slash command detection: normalize group mention wrappers before command-authorization probing so mention-prefixed commands are recognized in group routing.\n- Source PR: #36011\n- Contributor: @liuxiaopai-ai\n\nCo-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>\nCo-authored-by: liuxiaopai-ai <73659136+liuxiaopai-ai@users.noreply.github.com>
2026-03-05 11:56:59 -06:00
995ae73d5f
synthesis: fix Feishu group mention slash parsing
...
## Summary\n\nFeishu group slash command parsing is fixed for mentions and command probes across authorization paths.\n\nThis includes:\n- Normalizing bot mention text in group context for reliable slash detection in message parsing.\n- Adding command-probe normalization for group slash invocations.\n\nCo-authored-by: Sid Qin <sidqin0410@gmail.com>\nCo-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 11:34:08 -06:00
2972d6fa79
fix(feishu): accept groupPolicy "allowall" as alias for "open" ( #36358 )
...
* fix(feishu): accept groupPolicy "allowall" as alias for "open"
When users configure groupPolicy: "allowall" in Feishu channel config,
the Zod schema rejects the value and the runtime policy check falls
through to the allowlist path. With an empty allowFrom array, all group
messages are silently dropped despite the intended "allow all" semantics.
Accept "allowall" at the schema level (transform to "open") and add a
runtime guard in isFeishuGroupAllowed so the value is handled even if it
bypasses schema validation.
Closes #36312
Made-with: Cursor
* Feishu: tighten allowall alias handling and coverage
---------
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
2026-03-05 11:32:01 -06:00
littleben
Vignesh Natarajan
Sid
zerone0x
Josh Avant
Harold Hunt
Gustavo Madeira Santana
Bob
2233admin
Bill
Jacob Riff
Altay
Vincent Koc
Rodrigo Uroz
jiangnan
不做了睡大觉
Byungsker
Bin Deng
Kai
Tak Hoffman
maweibin
Liu Xiaopai